System.Security.Principal.IdentiyNotMappedException: Some or all identity references could not be translated.

Zac Harris
Zac Harris used Ask the Experts™
on
I have been getting a certain error in Event Viewer and was hoping someone could shed some light onto a possible cause.

The error reads:

Message:"System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: Some or all identity references could not be translated. (Fault Detail is equal to An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is:
System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
   at System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.SecurityIdentifier.Translate(Type targetType)

Any ideas?

Thanks

itguy
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Zac HarrisSystems Administrator

Author

Commented:
I am thinking this is leaning towards being a security issue with authentication between servers.
btanExec Consultant
Distinguished Expert 2018

Commented:
the user name for login must have been wrong or non-existence (You may have removed a service account inadvertently? probably need dome reset to default) ..I saw some instance resolving using

> set the identityReferences to this:
  new SecurityIdentifier(identity)
> change UserDomainName  to MachineName:
  string User = System.Environment.UserDomainName + "\\" + user.ToString();
> use LOGON_USER instead of REMOTE_USER :
  Request.ServerVariables["REMOTE_USER"]
Zac HarrisSystems Administrator

Author

Commented:
I will check and see if there are any service accounts missing... forgive my Friday mind, but is there a specific prompt I need to run these commands at?

I'm also assuming this needs to be done at an elevated prompt as well?
Should you be charging more for IT Services?

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

btanExec Consultant
Distinguished Expert 2018

Commented:
probably is to check all default account in the appl services you are running, there may be some other leading event on logon attempt even before this error in the event viewer - best check with apps team on the logon account used. Some may impersonate the service account as perm account to perform certain task like ldap search etc

elevated account indeed but first is to check the valid account is used and then its privileges later. the errors tend to indicate issue with account instead of privileges...maybe look at all privileged account later
Zac HarrisSystems Administrator

Author

Commented:
I haven't forgotten about this question. I am working with some of our developers to understand the errors I am getting.
Systems Administrator
Commented:
This was resolved. It appears that a update by Microsoft broke the coding of our application. We rebuilt the coding with a fix and the issue is resolved.
Zac HarrisSystems Administrator

Author

Commented:
Our developers fixed this issue. It was determined to have been caused by a Microsoft Update that was installed on the server hosting our application.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial